Closed mrochon closed 2 years ago
Hey mrochon, sorry I couldn't find an appropriate platform to ask this question so I will ask it here. I am using the Invitation policy you created for B2C Multitenant scenario. Right now I am able to prevent a user from using a different email to the the one in the invitation token for local accounts. My issue is this check isn't being achieved for social accounts. For example if I send an invitation to a Microsoft account I am able to sign in with a Google SSO account without the warning telling the user that the "Invitation is for a different email address". Is this because there is no Metadata for that message in the AAD-Common and Google-OAUTH Technical profiles in the Invitation.xml file?
Have a look at this sample: b2csamples/InvitationRedemptionSocial.xml at master · mrochon/b2csamples (github.com)https://github.com/mrochon/b2csamples/blob/master/Policies/invitation/policy/InvitationRedemptionSocial.xml
Hope that give u an idea how to do a combined policy.
Sent from Mailhttps://go.microsoft.com/fwlink/?LinkId=550986 for Windows
From: @.> Sent: Thursday, March 24, 2022 5:55 AM To: @.> Cc: @.>; @.> Subject: Re: [mrochon/b2csamples] Multi-tenant - provide UI for adding new IdPs (Issue #32)
Hey mrochon, sorry I couldn't find an appropriate platform to ask this question so I will ask it here. I am using the Invitation policy you created for B2C Multitenant scenario. Right now I am able to prevent a user from using a different email to the the one in the invitation token for local accounts. My issue is this check isn't being achieved for social accounts. For example if I send an invitation to a Microsoft account I am able to sign in with a Google SSO account without the warning telling the user that the "Invitation is for a different email address". Is this because there is no Metadata for that message in the AAD-Common and Google-OAUTH Technical profiles in the Invitation.xml file?
— Reply to this email directly, view it on GitHubhttps://github.com/mrochon/b2csamples/issues/32#issuecomment-1077597835, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AAMKCKDINUU6ZVB7SEP5Y7LVBRQ5HANCNFSM5QOAA4CQ. You are receiving this because you authored the thread.Message ID: @.***>
Thank you let me give this a try
Could I use IEFPolicies module or its logic to do it from the UI?